Enhancing security and improving interoperability in healthcare information systems.

Security is a key issue in healthcare information systems, since most aspects of security become of considerable or even critical importance when handling healthcare information. In addition, the intense need for information exchange has revealed interoperability of systems and applications as another key issue. Standardization can play an important role towards both these issues. In this paper, relevant standardization activities are briefly presented, and existing and emerging healthcare information security standards are identified and critically analysed. The analysis is based on a framework which has been developed for this reason. Therefore, the identification of gaps and inconsistencies in current standardization, the description of the conflicts of standards with legislation, and the analysis of implications of these standards to user organizations, are the main results of this paper.

Forming a health care incident reporting scheme.

In this paper the initial design steps of an Incident Reporting Scheme for Health Care are presented. The results of a short survey for the determination of Health Care user needs and expectations from such a scheme are given. The paper outlines a concise description of the proposed system and presents the conceptual model of the IRS database, and the developed prototype version of this database. Finally, future steps and security issues are described.

The need for a security policy in health care institutions.

Because of the increasing role of information technology in health care more attention is needed for security. Legal, technical/organisational and social measures are needed. Based on general principles a high level security policy needs to be formulated for each institution. Based on such policy measures can be selected and implemented. The need for a high level policy is emphasized; as an example the high level policy developed within the AIM SEISMED project is briefly described.